Discussion on: Authorization and Authentication For Everyone

kimmaida profile image
Kim Maida Author

OIDC addresses this by using something called a nonce, which is explained in the section on authentication claims. A nonce provides a way for a client to know that the token it receives is the one being returned from the exact authorization request that was issued.